Hi, I managed to get authentication of users logged on Windows XP workstation to the network. The machine authentication (while booting) however fails thus preventing the users from retrieving their roaming profiles. Here is the relevant part of the log: Thu Feb 5 14:39:16 2009 : Debug: rlm_ldap: - authorize Thu Feb 5 14:39:16 2009 : Debug: rlm_ldap: performing user authorization for host/mycomputer Thu Feb 5 14:39:16 2009 : Debug: radius_xlat: Running registered xlat function of module mschap for string 'User-Name:None' Thu Feb 5 14:39:16 2009 : Debug: expand: (uid=%{mschap:User-Name:None}) -> (uid=mycomputer$) Thu Feb 5 14:39:16 2009 : Debug: expand: ou=People,dc=mycompany,dc=com -> ou=People,dc=mycompany,dc=com Thu Feb 5 14:39:16 2009 : Debug: rlm_ldap: ldap_get_conn: Checking Id: 0 Thu Feb 5 14:39:16 2009 : Debug: rlm_ldap: ldap_get_conn: Got Id: 0 Thu Feb 5 14:39:16 2009 : Debug: rlm_ldap: attempting LDAP reconnection It seems freeradius "tries" to authenticate the computer from the ou=People,dc=mydomain,dc=com. In radiusd.conf I have the following: ldap { server = "192.168.0.3" identity = "uid=dot1x_read_user,ou=People,dc=mydomain,dc=com" password = ldapreadpasswd basedn = "ou=People,dc=mydomain,dc=com" filter = "(uid=%{mschap:User-Name:None})" I now need to instruct the ldap to search in ou=Computers,dc=mydomain,dc=com for the computers authentication. How do I do this while preserving the working users auth ? Thanks Laurent